Denial of service and loss of services due to disasters are two issues that are primarily linked to which of the following main concepts of information security?

Your companys CIO has stressed the need for an immediate incident response plan to be created. What is the best reason for this mandate?

During a post-mortem incident evaluation, it is discovered that coercion was used by an attacker to infiltrate the company and obtain confidential information. This tactic would best be characterized as:

Roger calls into a customer service center and pretends to be affiliated with the company in order to gain secured information. What tactic is Roger using?

Mike, who was a help desk support person, has recently been moved into the position of security awareness trainer. What is the purpose of Mikes new position?

Kim is a data custodian for her company. She has many duties to perform each day. Which duty would be considered "out of scope" in her position?

Tom has just completed the companys first-ever security policy after getting final sign-off from the executive committee. The security policy that Tom is publishing could include all of the following initiatives except:

A government contracting firm uses classification levels within its data networking environment. Which of the following best describes why this is put into place?

In a heated debate between the IT department, operations, and the finance department, the issue of who "owns" the financial data in question is raised. Of the entities listed below, who is most likely the owner of this data?

Risk management can be very complex and overwhelming. It is virtually impossible to consider every possible scenario during a risk analysis, however, there are methods available that can produce better results. Which of the following would provide the best results when carrying out a risk analysis?